net-http-digest_auth 1.2 → 1.2.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. data.tar.gz.sig +1 -4
  2. data/History.txt +5 -0
  3. data/README.txt +9 -14
  4. data/Rakefile +1 -4
  5. data/lib/net/http/digest_auth.rb +16 -8
  6. data/sample/auth_server.rb +0 -1
  7. data/test/test_net_http_digest_auth.rb +14 -11
  8. metadata +46 -25
  9. metadata.gz.sig +1 -3
data.tar.gz.sig CHANGED
@@ -1,4 +1 @@
1
- E��$"y,�N�gZ��坲����9��rw#2ɰG�>$�V��MI����,
2
- Ϸ�UЫDԉ�B�v\�j�c�9����1�|a
3
- ��$`_��q���4�54��?i�cS8���.�ʘfǾE�j7r
4
- !W�p&�VPk���
1
+ {�)K�˶�[�k\�.n߰�h2���{Z�����oD��}� �i��܍=N|��M���Ǐ*�ۜIe�_a.�T]~J���Xi���t�Z���W����P��hl�ᾕUw����Mg4�x�_����%�տ��ާNg���s�d}PU�������~�2�<�k��IS���ϧ��e�ԫ)7ظ&eK��;`;�s�{�#�3�a=:b�7�n�V���+�2�+�9Fd~s9)��k�":ay�E
data/History.txt CHANGED
@@ -1,3 +1,8 @@
1
+ === 1.2.1
2
+
3
+ * Bug fix
4
+ * Fixed -sess authentication. This also fixes pull request #4 by joe81
5
+
1
6
  === 1.2 / 2011-11-22
2
7
 
3
8
  * Minor enhancement
data/README.txt CHANGED
@@ -1,23 +1,18 @@
1
1
  = net-http-digest_auth
2
2
 
3
- * http://github.com/drbrain/net-http-digest_auth
4
- * http://seattlerb.rubyforge.org/net-http-digest_auth
5
- * http://www.rfc-editor.org/rfc/rfc2617.txt
3
+ code :: http://github.com/drbrain/net-http-digest_auth
4
+ rdoc :: http://docs.seattlerb.org/net-http-digest_auth
5
+ other :: http://www.rfc-editor.org/rfc/rfc2617.txt
6
6
 
7
7
  == DESCRIPTION:
8
8
 
9
9
  An implementation of RFC 2617 - Digest Access Authentication. At this time
10
- the gem does not fully integrate with Net::HTTP and can be used for with other
11
- HTTP clients.
10
+ the gem does not drop in to Net::HTTP and can be used for with other HTTP
11
+ clients.
12
12
 
13
- == FEATURES/PROBLEMS:
14
-
15
- * Implements RFC 2617 for digest authentication
16
- * Does not fully integrate with Net::HTTP
17
-
18
- == SYNOPSIS:
19
-
20
- See Net::HTTP::DigestAuth
13
+ In order to use net-http-digest_auth you'll need to perform some request
14
+ wrangling on your own. See the class documentation at Net::HTTP::DigestAuth
15
+ for an example.
21
16
 
22
17
  == INSTALL:
23
18
 
@@ -27,7 +22,7 @@ HTTP clients.
27
22
 
28
23
  (The MIT License)
29
24
 
30
- Copyright (c) 2010 Eric Hodel
25
+ Copyright (c) Eric Hodel
31
26
 
32
27
  Permission is hereby granted, free of charge, to any person obtaining
33
28
  a copy of this software and associated documentation files (the
data/Rakefile CHANGED
@@ -5,14 +5,11 @@ require 'hoe'
5
5
 
6
6
  Hoe.plugin :git
7
7
  Hoe.plugin :minitest
8
+ Hoe.plugin :travis
8
9
 
9
10
  Hoe.spec 'net-http-digest_auth' do
10
- self.rubyforge_name = 'seattlerb'
11
11
  developer 'Eric Hodel', 'drbrain@segment7.net'
12
12
 
13
- spec_extras['homepage'] =
14
- 'http://docs.seattlerb.org/net-http-digest_auth'
15
-
16
13
  rdoc_locations <<
17
14
  'docs.seattlerb.org:/data/www/docs.seattlerb.org/net-http-digest_auth/'
18
15
  rdoc_locations <<
data/lib/net/http/digest_auth.rb CHANGED
@@ -14,6 +14,8 @@ require 'monitor'
14
14
  # require 'net/http'
15
15
  # require 'net/http/digest_auth'
16
16
  #
17
+ # digest_auth = Net::HTTP::DigestAuth.new
18
+ #
17
19
  # uri = URI.parse 'http://localhost:8000/'
18
20
  # uri.user = 'username'
19
21
  # uri.password = 'password'
@@ -23,13 +25,15 @@ require 'monitor'
23
25
  # req = Net::HTTP::Get.new uri.request_uri
24
26
  #
25
27
  # res = h.request req
28
+ # # res is a 401 response with a WWW-Authenticate header
26
29
  #
27
- # digest_auth = Net::HTTP::DigestAuth.new
28
30
  # auth = digest_auth.auth_header uri, res['www-authenticate'], 'GET'
29
31
  #
32
+ # # create a new request with the Authorization header
30
33
  # req = Net::HTTP::Get.new uri.request_uri
31
34
  # req.add_field 'Authorization', auth
32
35
  #
36
+ # # re-issue request with Authorization
33
37
  # res = h.request req
34
38
 
35
39
  class Net::HTTP::DigestAuth
@@ -44,7 +48,7 @@ class Net::HTTP::DigestAuth
44
48
  ##
45
49
  # Version of Net::HTTP::DigestAuth you are using
46
50
 
47
- VERSION = '1.2'
51
+ VERSION = '1.2.1'
48
52
 
49
53
  ##
50
54
  # Creates a new DigestAuth header creator.
@@ -80,10 +84,14 @@ class Net::HTTP::DigestAuth
80
84
 
81
85
  www_authenticate =~ /^(\w+) (.*)/
82
86
 
87
+ challenge = $2
88
+
83
89
  params = {}
84
- $2.gsub(/(\w+)="(.*?)"/) { params[$1] = $2 }
90
+ challenge.gsub(/(\w+)="(.*?)"/) { params[$1] = $2 }
85
91
 
86
- qop = params['qop']
92
+ challenge =~ /algorithm=(.*?)([, ]|$)/
93
+
94
+ params['algorithm'] = $1 || 'MD5'
87
95
 
88
96
  if params['algorithm'] =~ /(.*?)(-sess)?$/
89
97
  algorithm = case $1
@@ -97,20 +105,19 @@ class Net::HTTP::DigestAuth
97
105
  else raise Error, "unknown algorithm \"#{$1}\""
98
106
  end
99
107
  sess = $2
100
- else
101
- algorithm = Digest::MD5
102
- sess = false
103
108
  end
104
109
 
105
110
  a1 = if sess then
106
111
  [ algorithm.hexdigest("#{user}:#{params['realm']}:#{password}"),
107
112
  params['nonce'],
108
- params['cnonce']
113
+ @cnonce,
109
114
  ].join ':'
110
115
  else
111
116
  "#{user}:#{params['realm']}:#{password}"
112
117
  end
113
118
 
119
+ qop = params['qop']
120
+
114
121
  ha1 = algorithm.hexdigest a1
115
122
  ha2 = algorithm.hexdigest "#{method}:#{uri.request_uri}"
116
123
 
@@ -122,6 +129,7 @@ class Net::HTTP::DigestAuth
122
129
  header = [
123
130
  "Digest username=\"#{user}\"",
124
131
  "realm=\"#{params['realm']}\"",
132
+ "algorithm=#{params['algorithm']}",
125
133
  if qop.nil? then
126
134
  elsif iis then
127
135
  "qop=\"#{qop}\""
data/sample/auth_server.rb CHANGED
@@ -16,7 +16,6 @@ class AuthServlet < WEBrick::HTTPServlet::AbstractServlet
16
16
  config[:Realm] = 'net-http-digest_auth'
17
17
  config[:UseOpaque] = false
18
18
  config[:AutoReloadUserDB] = false
19
- config[:Algorithm] = 'MD5'
20
19
 
21
20
  passwd_file = Tempfile.new 'net-http-digest_auth'
22
21
  passwd_file.close
data/test/test_net_http_digest_auth.rb CHANGED
@@ -19,6 +19,7 @@ class TestNetHttpDigestAuth < MiniTest::Unit::TestCase
19
19
  @expected = [
20
20
  'Digest username="user"',
21
21
  'realm="www.example.com"',
22
+ 'algorithm=MD5',
22
23
  'qop=auth',
23
24
  'uri="/"',
24
25
  'nonce="4107baa081a592a6021660200000cd6c5686ff5f579324402b374d83e2c9"',
@@ -37,14 +38,14 @@ class TestNetHttpDigestAuth < MiniTest::Unit::TestCase
37
38
  def test_auth_header
38
39
  assert_equal expected, @da.auth_header(@uri, @header, 'GET')
39
40
 
40
- @expected[5] = 'nc=00000001'
41
- @expected[7] = 'response="1f5f0cd1588690c1303737f081c0b9bb"'
41
+ @expected[6] = 'nc=00000001'
42
+ @expected[8] = 'response="1f5f0cd1588690c1303737f081c0b9bb"'
42
43
 
43
44
  assert_equal expected, @da.auth_header(@uri, @header, 'GET')
44
45
  end
45
46
 
46
47
  def test_auth_header_iis
47
- @expected[2] = 'qop="auth"'
48
+ @expected[3] = 'qop="auth"'
48
49
 
49
50
  assert_equal expected, @da.auth_header(@uri, @header, 'GET', true)
50
51
  end
@@ -52,8 +53,8 @@ class TestNetHttpDigestAuth < MiniTest::Unit::TestCase
52
53
  def test_auth_header_no_qop
53
54
  @header.sub! ' qop="auth",', ''
54
55
 
55
- @expected[7] = 'response="32f6ca1631ccf7c42a8075deff44e470"'
56
- @expected.slice! 2
56
+ @expected[8] = 'response="32f6ca1631ccf7c42a8075deff44e470"'
57
+ @expected.slice! 3
57
58
 
58
59
  assert_equal expected, @da.auth_header(@uri, @header, 'GET')
59
60
  end
@@ -66,29 +67,31 @@ class TestNetHttpDigestAuth < MiniTest::Unit::TestCase
66
67
  end
67
68
 
68
69
  def test_auth_header_post
69
- @expected[7] = 'response="d82219e1e5430b136bbae1670fa51d48"'
70
+ @expected[8] = 'response="d82219e1e5430b136bbae1670fa51d48"'
70
71
 
71
72
  assert_equal expected, @da.auth_header(@uri, @header, 'POST')
72
73
  end
73
74
 
74
75
  def test_auth_header_sess
75
- @header << 'algorithm="MD5-sess"'
76
+ @header << ', algorithm=MD5-sess'
76
77
 
77
- @expected[7] = 'response="76d3ff10007496cee26c61f9d04c72a8"'
78
+ @expected[2] = 'algorithm=MD5-sess'
79
+ @expected[8] = 'response="c22c5bd9112a86ca78ddc1ae772daeeb"'
78
80
 
79
81
  assert_equal expected, @da.auth_header(@uri, @header, 'GET')
80
82
  end
81
83
 
82
84
  def test_auth_header_sha1
83
- @expected[7] = 'response="2cb62fc18f7b0ebdc34543f896bb7768"'
85
+ @expected[2] = 'algorithm=SHA1'
86
+ @expected[8] = 'response="2cb62fc18f7b0ebdc34543f896bb7768"'
84
87
 
85
- @header << 'algorithm="SHA1"'
88
+ @header << 'algorithm=SHA1'
86
89
 
87
90
  assert_equal expected, @da.auth_header(@uri, @header, 'GET')
88
91
  end
89
92
 
90
93
  def test_auth_header_unknown_algorithm
91
- @header << 'algorithm="bogus"'
94
+ @header << 'algorithm=bogus'
92
95
 
93
96
  e = assert_raises Net::HTTP::DigestAuth::Error do
94
97
  @da.auth_header @uri, @header, 'GET'
metadata CHANGED
@@ -1,12 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: net-http-digest_auth
3
3
  version: !ruby/object:Gem::Version
4
- hash: 11
4
+ hash: 29
5
5
  prerelease:
6
6
  segments:
7
7
  - 1
8
8
  - 2
9
- version: "1.2"
9
+ - 1
10
+ version: 1.2.1
10
11
  platform: ruby
11
12
  authors:
12
13
  - Eric Hodel
@@ -15,9 +16,9 @@ bindir: bin
15
16
  cert_chain:
16
17
  - |
17
18
  -----BEGIN CERTIFICATE-----
18
- MIIDNjCCAh6gAwIBAgIBADANBgkqhkiG9w0BAQUFADBBMRAwDgYDVQQDDAdkcmJy
19
+ MIIDeDCCAmCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBBMRAwDgYDVQQDDAdkcmJy
19
20
  YWluMRgwFgYKCZImiZPyLGQBGRYIc2VnbWVudDcxEzARBgoJkiaJk/IsZAEZFgNu
20
- ZXQwHhcNMDcxMjIxMDIwNDE0WhcNMDgxMjIwMDIwNDE0WjBBMRAwDgYDVQQDDAdk
21
+ ZXQwHhcNMTIwMjI4MTc1NDI1WhcNMTMwMjI3MTc1NDI1WjBBMRAwDgYDVQQDDAdk
21
22
  cmJyYWluMRgwFgYKCZImiZPyLGQBGRYIc2VnbWVudDcxEzARBgoJkiaJk/IsZAEZ
22
23
  FgNuZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbbgLrGLGIDE76
23
24
  LV/cvxdEzCuYuS3oG9PrSZnuDweySUfdp/so0cDq+j8bqy6OzZSw07gdjwFMSd6J
@@ -25,17 +26,18 @@ cert_chain:
25
26
  Gj/okWrQl0NjYOYBpDi+9PPmaH2RmLJu0dB/NylsDnW5j6yN1BEI8MfJRR+HRKZY
26
27
  mUtgzBwF1V4KIZQ8EuL6I/nHVu07i6IkrpAgxpXUfdJQJi0oZAqXurAV3yTxkFwd
27
28
  g62YrrW26mDe+pZBzR6bpLE+PmXCzz7UxUq3AE0gPHbiMXie3EFE0oxnsU3lIduh
28
- sCANiQ8BAgMBAAGjOTA3MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0GA1UdDgQW
29
- BBS5k4Z75VSpdM0AclG2UvzFA/VW5DANBgkqhkiG9w0BAQUFAAOCAQEAHagT4lfX
30
- kP/hDaiwGct7XPuVGbrOsKRVD59FF5kETBxEc9UQ1clKWngf8JoVuEoKD774dW19
31
- bU0GOVWO+J6FMmT/Cp7nuFJ79egMf/gy4gfUfQMuvfcr6DvZUPIs9P/TlK59iMYF
32
- DIOQ3DxdF3rMzztNUCizN4taVscEsjCcgW6WkUJnGdqlu3OHWpQxZBJkBTjPCoc6
33
- UW6on70SFPmAy/5Cq0OJNGEWBfgD9q7rrs/X8GGwUWqXb85RXnUVi/P8Up75E0ag
34
- 14jEc90kN+C7oI/AGCBN0j6JnEtYIEJZibjjDJTSMWlUKKkj30kq7hlUC2CepJ4v
35
- x52qPcexcYZR7w==
29
+ sCANiQ8BAgMBAAGjezB5MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0GA1UdDgQW
30
+ BBS5k4Z75VSpdM0AclG2UvzFA/VW5DAfBgNVHREEGDAWgRRkcmJyYWluQHNlZ21l
31
+ bnQ3Lm5ldDAfBgNVHRIEGDAWgRRkcmJyYWluQHNlZ21lbnQ3Lm5ldDANBgkqhkiG
32
+ 9w0BAQUFAAOCAQEAPeWzFnrcvC6eVzdlhmjUub2s6qieBkongKRDHQz5MEeQv4LS
33
+ SARnoHY+uCAVL/1xGAhmpzqQ3fJGWK9eBacW/e8E5GF9xQcV3mE1bA0WNaiDlX5j
34
+ U2aI+ZGSblqvHUCxKBHR1s7UMHsbz1saOmgdRTyPx0juJs68ocbUTeYBLWu9V4KP
35
+ zdGAG2JXO2gONg3b4tYDvpBLbry+KOX27iAJulUaH9TiTOULL4ITJVFsK0mYVqmR
36
+ Q8Tno9S3e4XGGP1ZWfLrTWEJbavFfhGHut2iMRwfC7s/YILAHNATopaJdH9DNpd1
37
+ U81zGHMUBOvz/VGT6wJwYJ3emS2nfA2NOHFfgA==
36
38
  -----END CERTIFICATE-----
37
39
 
38
- date: 2011-11-23 00:00:00 Z
40
+ date: 2012-05-18 00:00:00 Z
39
41
  dependencies:
40
42
  - !ruby/object:Gem::Dependency
41
43
  name: minitest
@@ -45,32 +47,51 @@ dependencies:
45
47
  requirements:
46
48
  - - ~>
47
49
  - !ruby/object:Gem::Version
48
- hash: 15
50
+ hash: 21
49
51
  segments:
50
52
  - 2
51
- - 6
52
- version: "2.6"
53
+ - 11
54
+ version: "2.11"
53
55
  type: :development
54
56
  version_requirements: *id001
55
57
  - !ruby/object:Gem::Dependency
56
- name: hoe
58
+ name: rdoc
57
59
  prerelease: false
58
60
  requirement: &id002 !ruby/object:Gem::Requirement
59
61
  none: false
60
62
  requirements:
61
63
  - - ~>
62
64
  - !ruby/object:Gem::Version
63
- hash: 27
65
+ hash: 19
64
66
  segments:
65
- - 2
66
- - 12
67
- version: "2.12"
67
+ - 3
68
+ - 10
69
+ version: "3.10"
68
70
  type: :development
69
71
  version_requirements: *id002
72
+ - !ruby/object:Gem::Dependency
73
+ name: hoe
74
+ prerelease: false
75
+ requirement: &id003 !ruby/object:Gem::Requirement
76
+ none: false
77
+ requirements:
78
+ - - ~>
79
+ - !ruby/object:Gem::Version
80
+ hash: 7
81
+ segments:
82
+ - 3
83
+ - 0
84
+ version: "3.0"
85
+ type: :development
86
+ version_requirements: *id003
70
87
  description: |-
71
88
  An implementation of RFC 2617 - Digest Access Authentication. At this time
72
- the gem does not fully integrate with Net::HTTP and can be used for with other
73
- HTTP clients.
89
+ the gem does not drop in to Net::HTTP and can be used for with other HTTP
90
+ clients.
91
+
92
+ In order to use net-http-digest_auth you'll need to perform some request
93
+ wrangling on your own. See the class documentation at Net::HTTP::DigestAuth
94
+ for an example.
74
95
  email:
75
96
  - drbrain@segment7.net
76
97
  executables: []
@@ -121,8 +142,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
121
142
  version: "0"
122
143
  requirements: []
123
144
 
124
- rubyforge_project: seattlerb
125
- rubygems_version: 1.8.10
145
+ rubyforge_project: net-http-digest_auth
146
+ rubygems_version: 1.8.21
126
147
  signing_key:
127
148
  specification_version: 3
128
149
  summary: An implementation of RFC 2617 - Digest Access Authentication
metadata.gz.sig CHANGED
@@ -1,3 +1 @@
1
- i�7��'���j�;�J ����hfA�{�M��'xhx�^M c+�� �Z_˗'X�.����ї�
2
- {����/ojt[�2C���N����gg7�#�tȩ�O�_�V�f���y�K�Mn���Jt}_�.���i}/�Q㏿<
3
- ���z���A75�c_���*���W��Ƀ��������DnʕD�Z_C�M�q�tՋ'3��X���]EV�7������ANk��r��v�c��!~1�xxP
1
+ 3�l��)�s0�{p���*6�j��e�f?�<4m9�WE��%(�7�[߽���Pj/�\��)��_�v�dTϳeeIY�I�&����t�Pek���U��T��hN36���W�ے��zt�2�ߞL���I#��ÈA�mtY{dH����V�s��0��ŌNIwfX�=PS�>�bO\����S.2����?)������_�J���ˆ޺�%�zH4�6�T)��&�El}+��_7�A�;��Q5G�N歷�����ߕ